Beispiel #1
0
        public static bool VerifyBackupCode(cmUser user, string code, out List <string> newCodes)
        {
            newCodes = null;
            bool existed = false;

            using (DbManager dbManager = new DbManager())
            {
                SecondFactorBackupCodeAccessor accessor = DataAccessor.CreateInstance <SecondFactorBackupCodeAccessor>(dbManager);

                existed = accessor.IsCodeExist(user.ID, code);
                if (existed)
                {
                    int count = accessor.RemoveCode(user.ID, code);
                    if (count == 0)
                    {
                        newCodes = GenerateBackupCodes(user.ID, dbManager);
                    }
                }
            }

            if (existed && !user.IsSecondFactorVerified)
            {
                SetSecondFactorVerified(user.ID, true);
            }

            return(existed);
        }
Beispiel #2
0
        private static List <string> GenerateBackupCodes(long userID, DbManager dbManager)
        {
            List <string> codes = new List <string>();

            SecondFactorBackupCodeAccessor accessor = DataAccessor.CreateInstance <SecondFactorBackupCodeAccessor>(dbManager);

            accessor.RemoveCodes(userID);
            string code;

            for (int i = 0; i < 10; i++)
            {
                code = StringHelper.GetRandomString(16);
                codes.Add(code);
                accessor.InsertCode(userID, code);
            }

            return(codes);
        }